Captcha Deployment on load balanced server

4 posts, 0 answers
  1. Jessie
    Jessie avatar
    4 posts
    Member since:
    Feb 2012

    Posted 27 Mar 2012 Link to this post

    Hi,

    Is there a way to deploy RadCaptcha on a load balanced servers, instead of using session as imagestorageloacation can we use cookies?

    Thanks,
    Jessie
  2. Slav
    Admin
    Slav avatar
    1355 posts

    Posted 29 Mar 2012 Link to this post

    Hi Jessie,

    The standard approach for configuring the RadCaptcha control for a Web Farm environment is described in this help article.

    If you want to use another storage medium for storing the CaptchaImage object, you can achieve it via the following method:

    1. In the Page.Init I retrieve the text code from the CaptchaImage (CaptchaImage.Text) stored in the DB, cookie or Session (if any CaptchaImage).

    2. In the Page.Init I create an ASP.NET Image control, and set the ImageUrl to the path of the HttpHandler that serves the CaptchaImage. The Image is added to the Page.

    3. I create a custom HttpHandler (CustomNameSpace.CaptchaImageHandler in my case) that will serve the image. 

    4. In the web.config, the following markup is added to register the handlers

    <system.web>
       
        <httpHandlers>
            <add path="MyCustom.CaptchaHandler.axd" type="CustomNameSpace.CaptchaImageHandler" verb="*" validate="false"/>
        </httpHandlers>
        <httpModules>
        </httpModules>
    </system.web>
    <system.webServer>
           
        <handlers>
            <remove name="MyCustom_CaptchaHandler_axd" />
            <add name="MyCustom_CaptchaHandler_axd" path="MyCustom.CaptchaHandler.axd" type="CustomNameSpace.CaptchaImageHandler" verb="*" preCondition="integratedMode"/>
        </handlers>
    </system.webServer>
    5. The path (highlighted in the sample) can be any path chosen by you.

    6. On a button click I compare the text entered in a TextBox to the one of the CaptchaImage and display respective message.

    I have attached a sample project that implements this approach, so that you can use it as a reference for incorporating the suggested solution. In my case Session is utilized as a storage, but you can easily change it to a cookie if you want.

    All the best,
    Slav
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.
  3. UI for ASP.NET Ajax is Ready for VS 2017
  4. Jessie
    Jessie avatar
    4 posts
    Member since:
    Feb 2012

    Posted 29 Mar 2012 Link to this post

    Hi Slav,

    Thanks for the reply.  some follow up question.
    How to setup the captcha properties?
    Also could you elaborate more on how can I utilize cookie as a storage.

    Thanks,
    Jessie
  5. Slav
    Admin
    Slav avatar
    1355 posts

    Posted 03 Apr 2012 Link to this post

    Hello Jessie,

    As I explained in the previous post, there are two options for configuring the RadCaptcha control so that it can be used in a WebFarm scenario.

    • The first approach is the standard one, which is usually used in such cases. To setup the RadCaptcha you should set the ImageStorageLocation property of the control to Session, configure the web.config as demonstrated in the following code sample and ensure that out-of-process session state management is used, as explained in this article.
      <configuration>
          <system.web>
              <httpHandlers>
                  <add path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResourceSession" verb="*" validate="false" />
              </httpHandlers>
          </system.web>
          <system.webServer>
              <handlers>
                  <add name="Telerik_Web_UI_WebResource_axd" verb="*" preCondition="integratedMode" path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResourceSession" />
              </handlers>
          </system.webServer>
      </configuration>

    • The second option is to store the CaptchaImage object in custom storage medium, and to serve the image using custom HttpHandler. After further inspecting the case we determined that a cookie cannot be utilized as a storage for the RadCaptcha image. It is not possible to save the image in a cookie and the image itself cannot be recreated by storing only the validation code. You can still consider saving the captcha image in a database, as it is a much more secure approach. To do so you should change the method for retrieving and storing the CaptchaImage object in the following sections of the sample:
      CaptchaImageHandler.cs
      CaptchaImage ci = null;
      try
      {
          ci = (CaptchaImage)HttpContext.Current.Session["CaptchaImage"];
      }
      catch
      {
          app.Response.StatusCode = 404;
          context.ApplicationInstance.CompleteRequest();
          return;
      }

    • Custom_Captcha.aspx
      private CaptchaImage RadCaptchaImage
      {
          get
          {
              return (CaptchaImage)Session["CaptchaImage"];
          }
          set
          {
              Session["CaptchaImage"] = value;
          }
      }


    Greetings,
    Slav
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.
Back to Top